On Tue, Dec 03, 2019 at 06:16:06PM +0000, Raf Czlonka wrote: > On Tue, Dec 03, 2019 at 04:41:27PM GMT, Chris Bennett wrote: > > > > [...] > > Dec 2 22:36:28 freedomforlife smtpd[78001]: cd3e9bc4ab696630 smtp > > connected address=172.58.46.253 host=<unknown> > > Dec 2 22:36:28 freedomforlife smtpd[78001]: cd3e9bc4ab696630 smtp > > failed-command command="" result="550 no rDNS is so 80s" > > Dec 2 22:36:28 freedomforlife smtpd[78001]: cd3e9bc4ab696630 smtp > > disconnected reason=quit > > [...] > > > On Tue, Dec 03, 2019 at 05:57:24PM GMT, Chris Bennett wrote: > > > > [...] > > filter check_rdns phase connect match !rdns \ > > disconnect "550 no rDNS is so 80s" > > [...] > > > > Chris, > > That'd be it. > > You're using a filter which disconnects a session with a message > "550 no rDNS is so 80s", for every IP address which doesn't resolve > to a reverse DNS. > > Regards, > > Raf
Except that I'm not sending the messages to or from my phone. Only the SSH session. I can send messages from my laptop through the phone successfully. Only they are now rejected as no rDNS from jackass.my.domain. To be expected and they worked without the filter before (which made some testing nice). These messages are from smtpd on one server to smtpd on another. Only the SSH is from the phone. But all of the IP's which did this came from previous, not the current session, from my phone's IP's in authlog. But only previous IP's. OK, I'm guessing here, but was the server grabbing the phone's IP to do lookup's with? How do I test for that? If that's the case, then this will be educational about something I don't know. :) Thanks, Chris Bennett
